Security News

A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. A Google Docs user, Pat Needham brought up the issue on Google Docs Editors Help forum.

"This will simplify sign-ins across devices, websites, and applications no matter the platform - without the need for a single password," Google said.The new Fast IDentity Online sign-in system does away with passwords entirely in favor of displaying a prompt asking a user to unlock the phone when signing into a website or an application.

Microsoft, Apple and Google - all longtime proponents of doing away with passwords for authentication purposes - are throwing their support behind standards developed by the FIDO Alliance and the World Wide Web Consortium that could eliminate the passphrases completely. Microsoft said there are 579 password attacks every second, or about 18 billion a year, and many of them are successful, mainly because people have a tendency to pick poor passwords or reuse them across multiple accounts.

Today, Microsoft, Apple, and Google announced plans to support a common passwordless sign-in standard developed by the World Wide Web Consortium and the FIDO Alliance. "These multi-device FIDO credentials, sometimes referred to as passkeys, represent a monumental step toward a world without passwords," added Microsoft Identity Division Vice President Alex Simons.

Google has released the second part of the May security patch for Android, including a fix for an actively exploited Linux kernel vulnerability. As Android uses a modified Linux kernel, the vulnerability also affects the operating system.

Google, Apple, Microsoft promise end to passwords, courtesy of your mobile phone. A future without passwords may be closer than we think, at least when a new initiative to enlist your smartphone as a mobile authenticator gets off the ground.

Google is joining Microsoft in its attempts to tackle EU concerns regarding data sovereignty but some privacy experts are yet to be convinced by the move. "In parallel, Google Cloud will continue to provide customers with legal mechanisms for international data transfer, which will include making the protections offered by the new EU data transfer framework available once it is implemented."

Google in the next few days plans to begin testing fenced frames, a proposed web API to help its Privacy Sandbox ad technologies meet commitments to privacy of a sort. Fenced frames are designed to take the place of inline frames, or iframes, for specific scenarios like delivering interest-based ads without betraying interest data to the web page in which they're embedded.

Phishing actors abuse Google's SMTP relay service to bypass email security products and successfully deliver malicious emails to targeted users. According to a report from email security firm Avanan, there has been a sudden uptick in threat actors abusing Google's SMTP relay service starting in April 2022.

Google has released Android 13 Beta 1 and has sent out a call for bug hunters: Find bugs in it, and you'll get a 50% bonus reward payout. Getting Android 13 as secure as possible before the final release.